kamailio tls.cfg配置

最新推荐文章于 2024-05-08 20:21:25 发布
最新推荐文章于 2024-05-08 20:21:25 发布
阅读量263 收藏
点赞数 1
分类专栏: Kamailio 文章标签: kamailio tls
版权声明:本文为博主原创文章,遵循 CC 4.0 BY 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_56167818/article/details/131430180
版权
这是一个KamailioTLS配置文件的例子,详细定义了不同服务器和客户端的TLS连接参数,包括协议版本、证书验证、私钥和证书路径。对于不同的服务器域和客户端域,设置了不同的安全策略,如是否需要客户端证书和验证深度。
摘要由CSDN通过智能技术生成

完整的tls.cfg配置如下:

#
# Example Kamailio TLS Configuration File
#

# ---
# This is the default server domain profile.
# Settings in this domain will be used for all incoming
# connections that do not match any other server
# domain in this configuration file.
#
# We do not enable anything else than TLSv1.2+
# over the public internet. Clients do not have
# to present client certificates by default.
#
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key
certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem
#ca_list = /usr/local/etc/kamailio/tls/cacert.pem
#crl = /usr/local/etc/kamailio/tls/crl.pem

# ---
# This is the default client domain profile.
# Settings in this domain will be used for all outgoing
# TLS connections that do not match any other
# client domain in this configuration file.
# We require that servers present valid certificate.
#
[client:default]
#method = TLSv1.2+
verify_certificate = yes
require_certificate = yes

# ---
# This is an example server domain for TLS connections
# received from the loopback interface. We allow
# the use of TLSv1.2+ protocols here, we do
# not require that clients present client certificates
# but if they present it it must be valid. We also use
# a special certificate and CA list for loopback
# interface.
#
[server:5.6.7.8:5061]
method = TLSv1.2+
verify_certificate = yes
require_certificate = no
private_key = /usr/local/etc/kamailio/tls/local_key.pem
certificate = /usr/local/etc/kamailio/tls/local_cert.pem
verify_depth = 3
ca_list = /usr/local/etc/kamailio/tls/local_ca.pem
crl = /usr/local/etc/kamailio/tls/local_crl.pem
server_name = kamailio.org
server_id = kamailio.org

# ---
# Special settings for connecting to the example.sip (1.2.3.4)
# public SIP server. We do not verify the certificate of the
# server because it can be expired. The server
# implements authentication using SSL client
# certificates so configure the client certificate
# that was given to use by iptel.org staff here.
#
[client:1.2.3.4:5061]
verify_certificate = no
private_key = /usr/local/etc/kamailio/tls/example_key.pem
certificate = /usr/local/etc/kamailio/tls/example_cert.pem
ca_list = /usr/local/etc/kamailio/tls/example_ca.pem
crl = /usr/local/etc/kamailio/tls/example_crl.pem
server_name = example.sip
server_id = example.sip

# ---
# Example server profile for listening on any ip/port
# - it requires to have 'server_name' to match on SNI (domain and subdomains)
#
#[server:any]
method = TLSv1.2+
verify_certificate = yes
require_certificate = no
private_key = /usr/local/etc/kamailio/tls/mysipserver_org_key.pem
certificate = /usr/local/etc/kamailio/tls/mysipserver_org_cert.pem
verify_depth = 3
#ca_list = /usr/local/etc/kamailio/tls/mysipserver_org_ca.pem
#crl = /usr/local/etc/kamailio/tls/mysipserver_org_crl.pem
server_name = mysipserver.org
server_name_mode = 1
server_id = mysipserver.org

# ---
# Example server profile for listening on any ip/port
# - it requires to have 'server_name' to match on SNI (only subdomains)
#
[server:any]
method = TLSv1.2+
verify_certificate = yes
require_certificate = no
private_key = /usr/local/etc/kamailio/tls/mysipserver_net_key.pem
certificate = /usr/local/etc/kamailio/tls/mysipserver_net_cert.pem
verify_depth = 3
#ca_list = /usr/local/etc/kamailio/tls/mysipserver_net_ca.pem
#crl = /usr/local/etc/kamailio/tls/mysipserver_net_crl.pem
server_name = mysipserver.net
server_name_mode = 2
server_id = mysipserver.net

是不是有点复杂?

英文不好的看不懂,凑巧英文好了但是没有专业背景也得看好几遍才能明白

无名387
关注
专栏目录
kamailio服务器负载均衡配置过程中,将几个sip服务器同时指向同一个mysql,出现的错误解决
Ada_sunshine1的博客
06-28 810
备注:文章中的内容是本人实验中所作的验证,如果有错误的地方,欢迎大家指正 kamailio服务器负载均衡配置过程中,将几个sip服务器同时指向同一个mysql,出现的错误解决 1、启动kamailio服务器 : kamailio start 错误: 解决: 修改kamailio.cfg文件  vim /usr/local/etc/kamailio/kamailio.cfg,设置DBUR
研究kamailio-issues-1574
fs交流的博客
06-26 115
研究kamailio issue 1574
kamailio 安装配置过程
12-27
kamailio 安装配置过程,根据实际在UBUNTUN服务器下安装配置kamailio的过程步骤,记录在配置过程中遇到的问题及解决,直到最终测试成功。
kamailio开启TLS配置
qq_41681715的博客
09-28 1041
kamailio.cfg配置文件里,一般有#!ifdefWITH_TLS #!endif相应开关,这里将相应开关更改如下: #ifdef WITH_TLS enable_tls=yes loadmodule "tls.so" modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") listen=tls:0.0.0.0:5061 /* upper limit for TLS connections */ tls_max_connec...
kamailio配置
luqingsong的专栏
04-14 648
kamailio.cfg中,将if (!save("location"))改成if (!save("location","0x04")),重启服务即可
kamailio 多虚拟域配置
mmsql的专栏
07-02 1370
kamailio 作为强大的开源 sip服务器
kamailio.cfg
hanyingzhong的专栏
12-23 1278
#!KAMAILIO # ####### Include Local Config If Exists ######### import_file "kamailio-local.cfg" ##!define WITH_MULTIDOMAIN #!define WITH_NAT 1 #!define WITH_NATSIPPING 1 #!define WITH_BLOCK3XX 1 ####!define WITH_TRUNK 0 #!define WITH_REGISTER 1 ####### .
kamailio tls
08-31
2. Configure the TLS module: In the Kamailio configuration file (usually kamailio.cfg), include the tls module by adding the following line: ``` loadmodule "tls.so" ``` 3. Configure TLS parameters...
kamailio 中websocket 配置
05-03
打开 Kamailio 配置文件 `/etc/kamailio/tls.cfg`,添加以下内容: ``` # TLS Config modparam("tls", "private_key", "/etc/kamailio/tls/server.key") modparam("tls", "certificate", "/etc/kamailio/tls/server...
kamailio-4.4.2_src.tar.gz
12-15
5. 配置文件:Kamailio配置主要通过修改`etc/kamailio/kamailio.cfg`文件完成,根据实际需求配置路由规则、认证机制等。 6. 启动服务:通过`/etc/init.d/kamailio start`或`systemctl start kamailio`启动服务,并...
KAMAILIO 安装配置说明
04-15
从下载到配置,一步一步实践记录,nat,rtpproxy,媒体中继和媒体桥接等;
kamcli:Kamailio命令行界面控制工具
04-21
卡姆利 Kamailio命令行界面控制工具。 Kamailio是一个开源SIP(RFC3261)服务器,可从以下位置获得: kamcli的目标是成为shell脚本kamctl的现代且可扩展的替代方案。 它要求jsonrpcs模块已加载并配置为侦听Unix域套接字,UDP套接字或FIFO文件。 与Kamailio进行交互的方式必须在kamcli配置文件(kamcli.ini)中设置。 特征 该工具提供了用于管理许多Kamailio模块及其数据库记录的子命令。 可以从终端一次运行,也可以通过嵌入式交互式shell(可以使用kamcli shell启动-参见相应部分)来一次运行。 使用kamcli的原型是: kamcli [options] command [arguments] 可以将用于kamcli的新命令实现为插件,每个命令都在位于kamcli / commands /中的文件中
提供Kamailio web管理详细配置
06-14
1. 在Kamailio配置文件(通常是kamailio.cfg)中添加以下行: ``` #!define WITH_ADMIN ``` 这个定义会启用Kamailio的Web管理界面。 2. 配置HTTP服务器 Kamailio需要一个HTTP服务器来提供Web管理界面。你可以...
kamailio tls client sni
fs交流的博客
06-26 133
kamailio tls client sni
kamailio 安装教程
FUN
03-31 2237
wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | sudo apt-key add - sudo vi /etc/apt/sources.list # deb http://deb.kamailio.org/kamailio53 jessie main # deb http://deb.kamailio.org/kama...
Kamailio openssl 3.0.x 需要注意的事项
最新发布
fs交流的博客
05-08 264
Kamailio openssl 3.0.x 需要注意的事项
Configuring NAT traversal using Kamailio 3.1 and the Rtpproxy server
Android 开发
12-29 3490
Configuring NAT traversal using Kamailio 3.1 and the Rtpproxy server Submitted by palo73 on Thu, 12/02/2010 - 14:07 This article continues on series of articles about the Kamailio 3.1.x SIP proxy
kamailio mysql_Kamailio安装配置指南(绝对原创,亲测有效)
weixin_36257554的博客
01-19 1947
1、先决条件l 读者熟悉Ubuntu/Centos、Linux各种基本操作。l 读者熟悉apt-get软件包管理工具。l 读者熟悉编译安装Linux程序的一般过程。l 操作用户具有sudo权限。2、安装第三方依赖库由于不同的Linux系统,同一个依赖库的名称也会不一样,在线安装方法也不一样,所以在此以Ubuntu和centos两种Linux系统为例进行讲解。Ubuntu系统下的安装方式:s...
TLS 配置和使用
laughing_cui的专栏
09-12 4196
TLS 配置和使用  该源代码里包含了TLS配置和相应的证书文件。  文件夹里包含证书,pjproject中TLS的支持需要在文件config_site.h中增加预编译#define PJ_HAS_SSL_SOCK 1。(但是好像有问题,需要在H:\Projects\hsp01_dep_bin\static_library\pjproject\pjproject_inc\pj\config_
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值